package com.hghivln.erpwarehouse.system.Realm;

import com.hghivln.erpwarehouse.system.common.lang.ActiverUser;
import com.hghivln.erpwarehouse.system.common.lang.Constant;
import com.hghivln.erpwarehouse.system.entity.User;
import com.hghivln.erpwarehouse.system.service.MenuService;
import com.hghivln.erpwarehouse.system.service.RoleService;
import com.hghivln.erpwarehouse.system.service.UserService;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import org.springframework.util.ObjectUtils;

import java.util.List;

public class UserRealm extends AuthorizingRealm {
    /**
     * Lazy注解：当需要使用的时候，才加载。  即：当CacheAspect被解析之后，userService才会解析，要不然切面会不生效
     */
    @Autowired
    @Lazy
    private UserService userService;

    @Autowired
    @Lazy
    private RoleService roleService;

    @Autowired
    @Lazy
    private MenuService menuService;

    /**
     * 授权
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        ActiverUser activerUser = (ActiverUser) principals.getPrimaryPrincipal();
        User user = activerUser.getUser();

        //ArrayList<String> superPermission = new ArrayList<>();
        //superPermission.add("*:*");
        if (user.getType().equals(Constant.USER_TYPE_SUPER)) {
            //authorizationInfo.addStringPermissions(superPermission);
            authorizationInfo.addStringPermission("*:*");
        } else {
            List<String> roles = activerUser.getRoles();
            if (roles!=null&&roles.size()>0){
                authorizationInfo.addRoles(roles);
            }
            List<String> permissions = activerUser.getPermission();
            if (permissions != null && permissions.size() > 0) {
                authorizationInfo.addStringPermissions(permissions);
            }
        }
        return authorizationInfo;
    }

    /**
     * 认证
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        String loginname = token.getPrincipal().toString();
        User user = userService.queryUserByLoginName(loginname);
        if (!ObjectUtils.isEmpty(user)) {
            ActiverUser activerUser = new ActiverUser();
            activerUser.setUser(user);
            // 根据用户ID查询角色名称集合
            List<String> roles = roleService.queryRoleNamesByUserId(user.getId());
            // 根据用户ID查询权限编码集合
            List<String> permission = menuService.queryPermissionCodeByUserId(user.getId());
            activerUser.setRoles(roles);
            activerUser.setPermission(permission);
            ByteSource byteSource = ByteSource.Util.bytes(user.getSalt());
            return new SimpleAuthenticationInfo(activerUser, user.getPwd(), byteSource, this.getName());
        }
        return null;
    }
}
